It’s that time of year, when Business Link Magazine invites the region’s business leaders to offer up their predictions for the year ahead.
It has become something of a tradition, given that we’ve been doing this now for over 30 years.
Here we speak to Nick Taylor-Ward ACII, Chartered Insurance Broker and Client Director at Konsileo.
It’s easy to paint 2026 as doom and gloom, but the reality is more nuanced. I expect the economy to remain fairly flat, with modest growth. Consumer spending will likely stay subdued, largely due to the ongoing cost pressures of energy and food driven by inflation.
The talent shortage across the UK is expected to persist, which means businesses will increasingly turn to AI tools to support all aspects of their operations, including:
- Customer service
- Sales automation
- Risk analytics
- Design
As organisations rely more on computing power and digital systems, cyber risk grows. Advanced phishing, social engineering, AI-generated fraud, and supply-chain cyber incidents will become more frequent. Ransomware, in particular, will remain one of the largest operational threats for organisations of all sizes. I anticipate some very large, record-breaking cyber-attacks with substantial financial losses.
The cyber insurance market is set to surge in response. Insurers will increasingly use AI to tighten underwriting requirements, scrutinise supply chains, and ensure organisations demonstrate robust cyber defences and adequate insurance coverage.
Legislative changes to watch
The Cyber Security and Resilience Bill is expected to come into force in 2026, introducing significant new obligations. Organisations should start preparing now by:
- Conducting a comprehensive cyber risk assessment
- Building or updating an incident response plan
- Strengthening cyber controls such as multi-factor authentication and least-privilege access
- Developing a supply chain resilience plan
- Training all staff and updating internal policies
Equally important is the Data (Use and Access) Act 2025 (DUAA), often referred to as the UK’s “new GDPR.” This Act covers access to both customer and business data, not just personal data. Key elements include:
- Protecting children and vulnerable groups
- A new lawful basis for processing: Recognised Legitimate Interests, allowing processing for purposes such as crime prevention, safeguarding, or emergencies
- Replacement of the ICO with a new Information Commission, which will have stronger enforcement powers, including expanded audit and inspection authority
Implications for the insurance sector
In the insurance world, cyber insurance claims are expected to increase significantly, reflecting the growing frequency and severity of cyber events. However, businesses that demonstrate strong resilience and risk management practices may see improved rates in other lines, such as property, professional indemnity, and general liability.
Overall, while 2026 brings challenges, it also presents opportunities for organisations to strengthen their resilience, adopt advanced technologies, and engage proactively with new regulatory frameworks.
If there are any niggles keeping you awake at night concerning your organisation’s resilience, then reach out to me for a friendly chat.
All the best for 2026 and beyond.
